dear gurus

i do need to create 1 user who has similar to root privileges but the username will not be root. say create user john

advise please suggest how best we can achieve this.

kind regard
salim

Please make a backup of /etc/passwd before trying this, because I'm not an expert, but if you change a user's UID and GID to 0 then they will have the permissions of root.

So, you go into /etc/passwd and change the numbers by the user you want to become 'root-like' to 0's. Look at this for instance:

root:x:0:0:root:/root:/bin/bash
newroot:x:123:123:newroot

See, in the above I'd change those numbers to zeros to make the user be the new root.


Hope this helps, remember to BACKUP your passwd file so nothing gets screwed up on account of my advice.

=mattseanbachman

@mattseanbachman there is no /etc/passwd. I use centos 5.

Maybe try doing this, login as root and do:

find / -name passwd

Or if centos is like my system:

sudo find / -name passwd


One of the results should be the password file, assuming that the file is of the same name (god, I should hope it would be).

Sorry I can't be of more help with Centos, I've never used that at all, I know nothing about it whatsoever. Hopefully someone else might be able to help if they have more experience (i.e. any whatsoever) than I have.

I am using CentOS5.4 and it has the file. Try cat /etc/passwd. Keep the caps and spellings.

@OP:

What do you mean root like? If you want some user to be able to do the administrative tasks then put the user in the root group and make sure the primary group for the user is root. You can also use sudo for the same.

AFAIK mattseanbachman's suggestion will work but these are not two "userid"s; they are a single userid (that is: 0) with two "username"s. Files created by newroot will be shown as belonging to root because they are actually owned by used ID 0 and the utilities mapping userid to username use the first occurrence of userid 0 in /etc/passwd to find the username.

Creating another user with userid 0 and groupid 0 may not be the best way to do whatever it is you want to do ... ?

dear gurus

as beginnner what do you suggest best practice to adopt.

appreciate your all quick response, what is the best practice i should adopt.

say i want to create user JOHN who want to use privilege of root. what steps or step by step i should take so that user JOHN can work as administrator at any time. sudo work if u login as root first, then sudo comes.

kind regards

I guess you are still not clear about sudo. You do not need root password for sudo. Just the user password. And when administrative task has to be performed, it can be done by sudo privileges.
Like fdisk command you will run like:

sudo fdisk -l. User will be prompted for password. It is not root password but the user's password that need to be given.
As catkin said, do not change the passwd file. Use group permissions. That is what groups are for.

The standard ways are:

• for ordinary users to use sudo or su to assume root priviliges (this is equivalent to Windows' "Run as"
• to set up a terminal shortcut that starts a terminal as root (this actually uses su; you will be prompted for root's password)

While it is a great convenience in the Windows world to routinely use a logon with administrative privileges, it is also very insecure; choosing not to do so is probably the single greatest step in improving Windows security. Having to use "Run as", or logging on as a different user is a small price to pay for avoiding the dangers.

Similarly, in the Linux world, having to use sudo or su is a small price to pay for the greater security of only using root privileges when necessary

The other advantage of using sudo is that you can be more granular about the amount of power you grant to your new user.

This is helpful if you have a team of users who require enhanced permissions to a handful of commands.

control over sudo permissions is stored in /etc/sudoers although this should be edited by the visudo command.

If you are not a fan of vi you can change the default text editor by setting the environment variable EDITOR
For more information about the sudoers file

As previous poster: if you only need a few cmds to be run as root, use sudo as described.
For a full access to root, you can tell john the root passwd, but have them login as john, then

su -

and give root passwd.

You can also add a user to the root's group, but this may cause ownership issues for file creation.

It's definitely not a good idea to stay logged in as root any longer than absolutely needed.

BTW, the passwd file is /etc/passwd on all Linux & Unix & *BSD systems.
However it is case sensitive and most modern systems store the actual passwd values elsewhere, usually /etc/shadow unless using eg NIS, LDAP etc.

If you give your user root privileges, then there will be no usable log as to what he does and he can do anything. OTOH, if you use sudo to assign specific privileges, then he will be limited to just those actions and what he does will be logged as his userid.

First off...YES there *IS* a /etc/passwd file in CentOS 5

if you want user "john" to have similar root priv then use sudo

visudo

-C